the-distro/infra
8
0
Fork 3
Code Issues 34 Pull requests 3 Packages Projects 1 Releases Wiki Activity
303 commits 18 branches 0 tags 1.8 MiB
Commit graph

303 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pierre Bourdon 078f298b8c
tf/dns: add bagel-box and hydra 2024-07-07 23:48:23 +02:00
Pierre Bourdon 4b0a2cd7e5
tf: add DNS management via Gandi 2024-07-07 20:43:05 +02:00
Pierre Bourdon dcd5f68545
tf: store hydra credentials in state via numtide/secret 2024-07-07 19:18:30 +02:00
Pierre Bourdon 7c6780a2a3
gitignore: add terraform lock file 2024-07-07 19:18:30 +02:00
Pierre Bourdon dd72904bf1
flake: replace tf wrappers with a single '.#tf' command 2024-07-07 19:18:30 +02:00
Pierre Bourdon 2e9483936e
tf/hydra: fix project owner to use an automation account 2024-07-07 18:44:17 +02:00
Pierre Bourdon 30859b2872
terraform: store state on S3 2024-07-07 18:22:41 +02:00
Pierre Bourdon 0c68a23275
flake: fix 'nix flake check' 2024-07-07 18:02:55 +02:00
raito 8dc7ee9864
hydra: add declarative controls via terranix 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-07 17:59:56 +02:00
raito e803c198c1 admins: provision jade 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-07 13:15:27 +00:00
raito 578e24e634 systems: add fodwatch.forkos.org 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-07 13:15:27 +00:00
raito e1a034927c Merge pull request 'Split node_exporter and cadvisor config, disable cadvisor for nodes that are themselves containers' (#25) from cadvisor-containers into main 
Reviewed-on: delroth/bagel-infra#25
Reviewed-by: raito <raito@noreply.git.lix.systems>
 2024-07-05 17:21:27 +00:00
Ilya K 5b0f3c4541 Split node_exporter and cadvisor config, disable cadvisor for nodes that are themselves containers 2024-07-05 20:06:43 +03:00
raito b319b02f07 fix: remove custom logging format for Gerrit 
This way, we get picked up by the LGTM stack exporter machinery.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-05 18:52:38 +02:00
raito 75f779716d Merge pull request 'Grafana' (#24) from grafana into main 
Reviewed-on: delroth/bagel-infra#24
 2024-07-05 16:43:13 +00:00
Ilya K 2441d18f17 Add Loki + Promtail setup 2024-07-05 16:10:31 +00:00
Ilya K 03cb9c390c Add postgres exporter 2024-07-05 16:10:31 +00:00
Ilya K 42f8ad8fa4 Add nginx log exporter 2024-07-05 16:10:31 +00:00
Ilya K 63b31e98cf Add Grafana/Prometheus/Mimir minimal setup 
More later, Loki also later.
 2024-07-05 16:10:31 +00:00
Ilya K 99f715caca Add devShell with agenix and colmena 2024-07-05 16:10:31 +00:00
Ilya K 3ad481c125 Clean up SSH key dupes, add Maxine 2024-07-05 16:10:31 +00:00
Pierre Bourdon 34a29552da
hydra: update the epyc.infra.newtype.fr public host key 2024-07-05 16:43:29 +02:00
raito fa1bc1ced9 Merge pull request 'gerrit01: those who finetune even further' (#20) from gerrit-finetuning into main 
Reviewed-on: delroth/bagel-infra#20
 2024-07-05 12:37:43 +00:00
raito 6b7ddbcd29 bagel-box: reuse common/ module 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-05 13:29:56 +02:00
raito e27f152f00 common/base-server: use ambiant stable lix by default 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-05 13:29:47 +02:00
raito 6fb584109a common/raito-vm: disable useDHCP 
We are using networkd by default…

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-05 13:12:35 +02:00
raito 0b01e9a99f gerrit01: those who finetune even further 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-05 12:23:44 +02:00
raito 832b0784d8 common/admins: add K900 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-04 23:57:05 +02:00
raito e148d54b18 Merge pull request 'gerrit01: make it go brrr on https clone' (#17) from gerrit-http-clones into main 
Reviewed-on: delroth/bagel-infra#17
 2024-07-04 12:43:18 +00:00
raito 6c237e8d40 gerrit01: make it go brrr on https clone 
proxy_buffering was the root cause.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-04 14:42:49 +02:00
Pierre Bourdon bf8fe65f9f
bagel-box: update ssh host key & rekey 2024-07-04 13:59:18 +02:00
raito f0647702d4 hotfix: hot bagel on secrets (netbox) 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-04 13:51:25 +02:00
Pierre Bourdon e387fffd66
hydra: add i686-linux support to the remote builder because nixpkgs bootstrap relies on it, even on x86_64 2024-07-04 13:44:59 +02:00
raito 0a747f2f3a Merge pull request 'terranix: init' (#14) from terranix-init into main 
Reviewed-on: delroth/bagel-infra#14
 2024-07-04 11:42:17 +00:00
raito e422da8f83 terranix: init 
Adds simple `nix run .#apply` & `nix run .#destroy` which renders the
configuration file and let Terraform drive it.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-04 13:41:52 +02:00
raito 357f5d8989 Merge pull request 'meta01: update DNS to *.forkos.org' (#12) from meta01-update-dns into main 
Reviewed-on: delroth/bagel-infra#12
 2024-07-03 08:59:53 +00:00
raito 182e55c35f gerrit01: rename to cl.forkos.org 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-03 10:58:49 +02:00
raito c892e4ca70 Merge pull request 'gerrit01: init' (#10) from gerrit01 into main 
Reviewed-on: delroth/bagel-infra#10
 2024-07-03 08:56:54 +00:00
raito c327423b46 meta01: *.nixpkgs.lahfa.xyz → *.forkos.org 
As it should be.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-01 21:29:34 +02:00
raito 98a33e4300 gerrit01: init 
With:

- A package hierarchy
- A source-based Gerrit deployment

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-01 21:22:36 +02:00
Pierre Bourdon 403bb2d625 Merge pull request 'meta01: init' (#9) from meta01 into main 
Reviewed-on: delroth/bagel-infra#9
 2024-07-01 17:45:14 +00:00
raito e3f3c87c0d meta01: init 
Includes:

- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
 2024-07-01 19:40:37 +02:00
Pierre Bourdon 317400f19a
flake.lock: Update 
Flake lock file updates:

• Updated input 'hydra':
    'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=e9d0a3a754d5a477126ecb3c0bac3bf91a5bb189' (2024-06-24)
  → 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=a9a2679793a17325c966dec4cbb27d44b0531694' (2024-06-24)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9b10b8f00cb5494795e5f51b39210fed4d2b0748' (2024-06-20)
  → 'github:NixOS/nixpkgs/9693852a2070b398ee123a329e68f0dab5526681' (2024-06-22)
 2024-06-24 21:46:15 +02:00
Pierre Bourdon be5c6f0656
postgres: fix permissions on the dataDir, it refuses 0770 2024-06-24 21:45:17 +02:00
Pierre Bourdon 2ed6f92ed8
postgres: bump max connections count 2024-06-24 21:45:17 +02:00
Pierre Bourdon cb6e5b1652
hydra: actually use version from flake 2024-06-24 21:45:17 +02:00
Pierre Bourdon 73aecaef41
hydra: provide S3 and SSH credentials (via agenix) 2024-06-24 20:59:19 +02:00
Pierre Bourdon 04bd33e32c
infra: add agenix, add s3 credentials 2024-06-24 18:03:20 +02:00
Pierre Bourdon 78293ae532
bagel-box: switch to DNS for targetHost 2024-06-24 18:03:20 +02:00
Pierre Bourdon 91beb0eddc
bagel-box: add postgres+hydra 2024-06-24 18:03:20 +02:00