raito
8afcf249d6
buildbot: upgrade to local machine specifications
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-18 12:18:02 +02:00
raito
25feb3c9f1
bagel-box: add a proper FQDN
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-18 11:43:05 +02:00
raito
56a04a6faf
buildbot: init
...
Reviewed-on: #68
2024-07-18 08:57:56 +00:00
raito
4473717e9f
gerrit: introduce buildbot checks plugin
...
It's a modified version of @puck 's Lix buildbot checks for
gerrit.lix.systems with a slight generalization in the configuration for
many repositories.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-18 10:56:46 +02:00
raito
da7175303c
buildbot: add support for remote builders via baremetal machines
...
For now, only builder-3 is used.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:28:26 +02:00
raito
e00d0331ec
common/known-ssh-keys: init
...
Let's ensure that all our servers are aware of all host keys to avoid
host key verification issues when needed.
(example: buildbot → gerrit)
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
a56426e6c9
secrets: rekey for new machine (buildbot)
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
c3394264ba
hosts/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
7789e9ce75
services/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
fda59ee6c0
gerrit: factor more configuration in the NixOS module for external consumption
...
Other modules may require information to configure themselves from the
Gerrit module.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 15:43:35 +02:00
emily
cc1e3f2e14
systems/git: make sshd startup less racy and flaky
2024-07-17 15:39:50 +02:00
raito
68d956f1ba
flake: add buildbot-nix on the refactor branch
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:57:17 +02:00
raito
81fc914d79
feat: change the default shell to zsh
...
Reviewed-on: #59
2024-07-17 12:56:45 +00:00
raito
87bd42cf1d
tf/dns: pre-add buildbot.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:44:18 +02:00
raito
34e8b4b98a
tf/dns: rework the forgejo DNS for the 2 servers
...
git.forkos.org → Forgejo
git.infra.forkos.org → OpenSSH
(with the .p. variants for the IPv4→IPv6 SNI proxies)
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:44:11 +02:00
Pierre Bourdon
5a05e44a95
tf/hydra: add a project for our hydra fork
2024-07-17 13:34:10 +02:00
Pierre Bourdon
234522cc3b
flake.lock: Update
...
Flake lock file updates:
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=fb9e29d4d0f2f591cd1d706fd3b7334af7d34b84 ' (2024-07-13)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=b0e9b4b2f99f9d8f5c4e780e89f955c394b5ced4 ' (2024-07-17)
• Added input 'hydra/lix':
'git+https://git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=6b4d46e9e0e1dd80e0977684ab20d14bcd1a6bc3 ' (2024-07-16)
• Added input 'hydra/lix/flake-compat':
'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Added input 'hydra/lix/nix2container':
'github:nlewo/nix2container/20aad300c925639d5d6cbe30013c8357ce9f2a2e' (2024-04-13)
• Added input 'hydra/lix/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/lix/nixpkgs-regression':
'github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2' (2022-01-24)
• Added input 'hydra/lix/pre-commit-hooks':
'github:cachix/git-hooks.nix/e35aed5fda3cc79f88ed7f1795021e559582093a' (2024-04-02)
• Removed input 'hydra/nix'
• Removed input 'hydra/nix/flake-compat'
• Removed input 'hydra/nix/nix2container'
• Removed input 'hydra/nix/nixpkgs'
• Removed input 'hydra/nix/nixpkgs-regression'
• Removed input 'hydra/nix/pre-commit-hooks'
• Added input 'hydra/nix-eval-jobs':
'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=c057494450f2d1420726ddb0bab145a5ff4ddfdd ' (2024-07-17)
• Added input 'hydra/nix-eval-jobs/flake-parts':
'github:hercules-ci/flake-parts/9227223f6d922fee3c7b190b2cc238a99527bbb7' (2024-07-03)
• Added input 'hydra/nix-eval-jobs/flake-parts/nixpkgs-lib':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/lix':
follows 'hydra/lix'
• Added input 'hydra/nix-eval-jobs/nix-github-actions':
'github:nix-community/nix-github-actions/622f829f5fe69310a866c8a6cd07e747c44ef820' (2024-07-04)
• Added input 'hydra/nix-eval-jobs/nix-github-actions/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/nix-eval-jobs/treefmt-nix':
'github:numtide/treefmt-nix/0fb28f237f83295b4dd05e342f333b447c097398' (2024-07-15)
• Added input 'hydra/nix-eval-jobs/treefmt-nix/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Updated input 'lix':
follows 'hydra/nix'
→ follows 'hydra/lix'
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/6794d064edc69918bb0fc0e0eda33ece324be17a' (2024-07-12)
→ 'github:NixOS/nixpkgs/9355fa86e6f27422963132c2c9aeedb0fb963d93' (2024-07-16)
2024-07-17 13:11:07 +02:00
Luke Granger-Brown
c296d0d46d
Merge pull request 'forgejo: init, admins: add emilylange' ( #62 ) from forgejo into main
...
Reviewed-on: #62
2024-07-16 23:11:55 +00:00
emily
95b58de737
forgejo: use redis as cache and session provider
2024-07-16 20:09:15 +02:00
emily
8b9d33d70c
forgejo: disable registrations, enable auto-registration for SSO
2024-07-16 17:14:23 +02:00
emily
ab9caaf520
systems: add git.forkos.org
2024-07-16 15:44:08 +02:00
emily
dd069c40d7
forgejo: init service
2024-07-16 15:44:06 +02:00
emily
9899b083ad
forgejo: init custom Forgejo patchset
2024-07-16 15:44:01 +02:00
emily
d4caf7b71a
admins: add emilylange
2024-07-16 15:43:58 +02:00
raito
37ec674984
dns: pre-add git.forkos.org
...
Reserved for a Forgejo instances with Emily's optimizations.
Plans: a mirror, code search and will see how it goes!
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-16 11:54:09 +02:00
Luke Granger-Brown
e3e60a5e72
services/monitoring: add scraping of Gerrit's internal metrics
2024-07-15 11:02:54 +00:00
Luke Granger-Brown
2e86babc8a
services/gerrit: add metrics-prometheus-exporter
2024-07-15 11:02:54 +00:00
Luke Granger-Brown
2b8f42dcda
secrets: add gerrit-prometheus-bearer-token
2024-07-15 11:02:54 +00:00
Luke Granger-Brown
f14bba14a3
gitignore: add secrets (but not encrypted secrets) to gitignore
2024-07-15 11:02:54 +00:00
raito
0723b7de42
Merge pull request 'terraform/gandi: more sniproxying for bagel-box,meta-01' ( #67 ) from ckie/moarr-v4 into main
...
Reviewed-on: #67
Reviewed-by: raito <raito@noreply.git.lix.systems>
2024-07-14 18:44:21 +00:00
mei (ckie)
3c2691d9e2
terraform/gandi: introduce proxyRecords
and proxy web services
2024-07-14 21:39:42 +03:00
Luke Granger-Brown
a44196fc3c
flake: update nix-gerrit
2024-07-13 18:24:05 +01:00
Ilya K
7a937e837a
Unlimit Mimir max series
2024-07-13 15:52:46 +03:00
Pierre Bourdon
ecfe0ec886
flake.lock: Update
...
Flake lock file updates:
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=05d620a54f38f3764a643d824b55f7790736bb14 ' (2024-07-13)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=fb9e29d4d0f2f591cd1d706fd3b7334af7d34b84 ' (2024-07-13)
2024-07-13 06:13:22 +02:00
Pierre Bourdon
7d9461808c
builders: configure a swapfile + zswap
2024-07-13 04:40:51 +02:00
Pierre Bourdon
293bc52ace
hydra: reduce number of parallel builds per builder to limit RAM consumption
2024-07-13 04:38:24 +02:00
Pierre Bourdon
64079be3c0
flake.lock: Update
...
Flake lock file updates:
• Updated input 'agenix':
'github:ryantm/agenix/3a56735779db467538fb2e577eda28a9daacaca6' (2024-06-14)
→ 'github:ryantm/agenix/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6' (2024-07-09)
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=a9a2679793a17325c966dec4cbb27d44b0531694 ' (2024-06-24)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=05d620a54f38f3764a643d824b55f7790736bb14 ' (2024-07-13)
• Updated input 'hydra/nix':
'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=4c3d93611f2848c56ebc69c85f2b1e18001ed3c7 ' (2024-06-24)
→ 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=4b109ec1a8fc4550150f56f0f46f2f41d844bda8 ' (2024-07-11)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/ab82a9612aa45284d4adf69ee81871a389669a9e' (2024-07-07)
→ 'github:NixOS/nixpkgs/6794d064edc69918bb0fc0e0eda33ece324be17a' (2024-07-12)
2024-07-13 03:12:13 +02:00
Janik Haag
9189b73a5f
devShell: change colmena to the nixpkgs version
...
this is done to avoid unnecessarily recompiling colmena
2024-07-13 01:10:59 +00:00
Janik Haag
af515792cc
admins: add janik
2024-07-13 01:10:39 +00:00
Janik Haag
b4deee29af
editorconfig: init
...
Add a barebones `.editorconfig` to at least trim whitspaces and enforce some minimal norms
2024-07-13 01:10:18 +00:00
Pierre Bourdon
756341ea4c
builders: tune sshd MaxStartups to avoid rate limiting Hydra
2024-07-12 21:57:04 +02:00
Janik Haag
bed5ef022f
change the default user shell to zsh
2024-07-12 19:50:34 +02:00
Yureka
e6ead602f0
builders get a special treatment for dns64
2024-07-11 02:05:58 +02:00
Yureka
329f267b02
enable nftables on all hosts
2024-07-11 02:05:35 +02:00
Yureka
b14f155d55
add ipmitool on vpn-gw and builders
2024-07-10 20:49:17 +02:00
Pierre Bourdon
c8208f42ef
flake: attempt to fix the hydraJobs definition
2024-07-10 19:03:18 +02:00
Pierre Bourdon
087d17c681
tf/hydra: add a project/jobset for infra machine configurations
2024-07-10 18:52:43 +02:00
Pierre Bourdon
d2336262fb
hydra: set allowed URIs in restricted mode for flake inputs
2024-07-10 18:52:22 +02:00
Pierre Bourdon
f35cfbd567
flake: configure some hydra jobs (all machine configurations)
2024-07-10 18:43:54 +02:00
Pierre Bourdon
58325e30dd
common/nix: use bagel-cache by default
2024-07-10 18:17:30 +02:00