raito
58f2ff9858
chore: connect terraform to the hive
...
This way, we can autogenerate records for storage and builders nodes by
reading directly the configuration.
This makes evaluation of `nix run .#tf` slower, but this makes things
more safer and easier, so it's good.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-27 21:33:45 +01:00
Maxine Aubrey
86e833f52a
chore(tf): drop all gandi resources
2024-10-05 18:46:45 +02:00
Kiara Grouwstra
b291caac46
feat(monitoring): add uptime-kuma for status page, fixes #97
...
Adds a service for a status page using
[`uptime-kuma`](https://uptime.kuma.pet/ ).
2024-10-01 16:13:23 +00:00
Maxine Aubrey
8d95d1f850
fix(dns): dnsimple expects FQDNs in CNAMEs
...
DNSimple doesn't appear to follow the typical behaviour of appending the
domain unless the CNAME is terminated with `.`
To avoid further problems, let's just explicilty use the FQDN for all
CNAMEs.
https://support.dnsimple.com/articles/cname-record/
For comparison:
```
;; ANSWER SECTION:
alerts.forkos.org. 300 IN CNAME meta01.infra.p.
```
```
;; ANSWER SECTION:
alerts.forkos.org. 181 IN CNAME meta01.infra.p.forkos.org.
meta01.infra.p.forkos.org. 181 IN A 163.172.69.160
```
2024-09-24 23:11:28 +02:00
Maxine Aubrey
29c1b366c6
feat(dns): migrate forkos.org zone to dnsimple
2024-09-24 21:10:39 +02:00
Maxine Aubrey
16027be2ca
fix(dns): apex cnames are not allowed
...
change flowery.systems from CNAME to ALIAS pointing to news.forkos.org
2024-09-24 20:50:41 +02:00
Janik Haag
8acc60e328
feat(dns): migrate functions from gandi to dnsimple
2024-09-24 00:25:58 +02:00
Maxine Aubrey
e3b6cb72b4
feat(dns): add dnsimple to terraform configuration
2024-09-23 19:49:21 +02:00
Ilya K
c1712dc1fa
Set up tempo
2024-08-31 15:05:30 +03:00
raito
322f10d9ae
feat(dns): add raw S3 reverse proxies domains for channel scripts
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 00:19:40 +02:00
Ilya K
bf7252c210
terraform/hydra: more nixpkgses now
2024-08-30 21:34:30 +03:00
Ilya K
30d759edf4
terraform/hydra: switch k900-experiments jobset to less-nixpkgses branch
2024-08-30 19:22:09 +03:00
raito
42cfa695ea
dns: add pyroscope.forkos.org → meta01
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 21:03:07 +02:00
raito
58c0dd3d2e
feat(public): add listmonk instance on news.forkos.org
...
To prepare for public communications and updates.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-21 16:45:12 +02:00
Yureka
a72a991863
add A record for cache.forkos.org
2024-08-19 23:06:46 +02:00
Pierre Bourdon
8ffb7e51f1
tf/gandi: reduce all TTLs from 1h to 5m
...
Serving DNS is absurdly cheap (and we don't even do it ourselves right
now), and this makes it easier to iterate on DNS configs.
2024-08-16 08:51:31 +02:00
Pierre Bourdon
b7d913b22f
tf/gandi: move hydra CNAME to build-coord
2024-08-16 08:50:35 +02:00
Pierre Bourdon
e7f25d6ee2
tf/gandi: add a postgres CNAME to bagel-box
2024-08-16 07:34:55 +02:00
Pierre Bourdon
90325344a3
Reserve builder-11 for build coordination, rename to build-coord
2024-08-13 19:12:36 +02:00
Pierre Bourdon
ca904d7b4e
tf: use tf.ref instead of config.resource.* when dependencies matter
...
Using config.resource.* gets interpolated by Nix, whereas tf.ref gets
interpolated by Terraform. The latter ends up generating implicit
dependencies between resources.
In practice, the lack of dependencies was only showing up when creating
a new Hydra project + jobset at the same time - the concurrent /
misordered creation sometimes required two different TF applications to
create first the project then the jobset (the first application would
end up with a failure).
2024-08-12 19:36:50 +02:00
Ilya K
9ad279a505
Set up admins + DNS for hookshot
2024-08-09 14:03:56 +00:00
Yureka
dd81b78f7a
add nixos-main jobset
2024-07-28 23:40:36 +02:00
Yureka
537b3b978c
remove yureka-staging-test jobset
...
I have no idea how, but it seems I accidentally deleted this jobset
2024-07-28 23:39:57 +02:00
Yureka
f737c957a5
add staging next jobsets
2024-07-26 21:17:55 +02:00
raito
b8a4cd928d
tf/dns: prepare public01 DNS records
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-25 20:40:17 +02:00
raito
6ad9e0416d
tf/dns: cache.forkos.org will be born
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-23 17:28:17 +02:00
Yureka
555728ca0f
point k900 experiments jobset at nixos/release.nix
2024-07-21 19:41:17 +02:00
raito
60654e45d9
tf/hydra: use that weird commit for testing purpose
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-21 19:18:42 +02:00
raito
8aa5761660
tf/hydra: add k900 experiment jobset
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-21 19:16:20 +02:00
Yureka
d4f8cb6c87
add jobset for yureka-staging-test
2024-07-20 15:14:00 +02:00
raito
87bd42cf1d
tf/dns: pre-add buildbot.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:44:18 +02:00
raito
34e8b4b98a
tf/dns: rework the forgejo DNS for the 2 servers
...
git.forkos.org → Forgejo
git.infra.forkos.org → OpenSSH
(with the .p. variants for the IPv4→IPv6 SNI proxies)
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:44:11 +02:00
Pierre Bourdon
5a05e44a95
tf/hydra: add a project for our hydra fork
2024-07-17 13:34:10 +02:00
raito
37ec674984
dns: pre-add git.forkos.org
...
Reserved for a Forgejo instances with Emily's optimizations.
Plans: a mirror, code search and will see how it goes!
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-16 11:54:09 +02:00
mei (ckie)
3c2691d9e2
terraform/gandi: introduce proxyRecords
and proxy web services
2024-07-14 21:39:42 +03:00
Pierre Bourdon
087d17c681
tf/hydra: add a project/jobset for infra machine configurations
2024-07-10 18:52:43 +02:00
Pierre Bourdon
0e24c18815
tf/hydra: add a test staging-small nixpkgs jobset
2024-07-10 01:57:12 +02:00
raito
90e54d7292
terraform: add DNS records for VPN-GW & builders
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-10 00:55:42 +02:00
Pierre Bourdon
7f46e5d9a4
services: add ofborg, currently running rabbitmq only
2024-07-08 23:55:11 +02:00
Ilya K
82e074881f
DNS: clean up a bit, add root level record for future Matrix shenanigans
2024-07-08 13:54:15 +03:00
Pierre Bourdon
5ebd71e4d5
tf/hydra: change Hydra URL
2024-07-08 00:01:24 +02:00
Pierre Bourdon
2700ac5efc
tf/dns: fix hydra CNAME
2024-07-08 00:01:14 +02:00
Pierre Bourdon
078f298b8c
tf/dns: add bagel-box and hydra
2024-07-07 23:48:23 +02:00
Pierre Bourdon
4b0a2cd7e5
tf: add DNS management via Gandi
2024-07-07 20:43:05 +02:00
Pierre Bourdon
dcd5f68545
tf: store hydra credentials in state via numtide/secret
2024-07-07 19:18:30 +02:00
Pierre Bourdon
2e9483936e
tf/hydra: fix project owner to use an automation account
2024-07-07 18:44:17 +02:00
Pierre Bourdon
30859b2872
terraform: store state on S3
2024-07-07 18:22:41 +02:00
raito
8dc7ee9864
hydra: add declarative controls via terranix
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 17:59:56 +02:00