436882c3eb
fix(services/vault): proxy pass to the local vault server web port
...
Oopsie, forgot that commit.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:51:11 +01:00
14f5bc10a1
chore(pkgs/openbao): 2.0.2 -> 2.1.0
...
https://openbao.org/docs/release-notes/2-1-0/
https://openbao.org/docs/release-notes/2-0-0/#203
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:42:48 +01:00
a4d4ff8041
feat(build-coord): enable first Vault instance on it
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-15 16:30:21 +01:00
2c4e60760f
feat: introduce a Vault module for secrets management
...
Via a fork of the Linux Foundation, called OpenBao.
The module supports high availability but we only have one node for now.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 21:49:44 +01:00
dc23bb7054
feat: introduce awareness module for WAN addresses
...
Introduce a data-only module to perform abstraction on the deployment,
we use it for WAN for now.
The usecase is service discovery for simple cases.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 21:47:53 +01:00
84899b48ea
feat(channel-scripts): support push to git and automatic cleanup of failed streaming
...
Now, we won't pile a bunch of failed streaming attempts and this will
automatically push to git.
Credentials are left to be done for the push to actually work.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 19:06:47 +01:00
c3b1a3d1da
feat(gerrit01): upgrade to Gerrit 3.10.3
...
And monitor the performance situation as always.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 17:13:18 +01:00
980709cc02
chore(ows): remove Raito personal sandbox branches
...
I am not using those branches anymore, we can remove them.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 14:42:22 +00:00
112f60afd1
feat(ows): support moving away onewaysync
...
We are running into too many out of disk space situations with OWS on
the main disk.
This way, we can reuse the Gerrit disk for all that data, which
hopefully, is quite shared with Gerrit.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 14:42:22 +00:00
879292aa9e
chore: bump everything
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-12-14 15:17:29 +01:00
e912796992
fix(buildbot): use builder-4 for forkos buildbot instance
...
Since 070d97fd
2024-12-14 15:17:22 +01:00
070d97fdf1
adjust builders list
2024-12-09 10:46:03 +01:00
2e7a702c28
adjust builder assignments
2024-12-09 10:28:20 +01:00
cae763e8dd
ofborg: enable nginx for certs
2024-11-17 14:48:08 +03:00
4f1378937f
Disable nixos-option, it breaks
2024-11-17 14:39:25 +03:00
7e3074a769
Update everything again
2024-11-17 14:39:19 +03:00
3182a036c0
chore: bump everything
2024-11-12 23:42:51 +03:00
54e8282aac
fix: use promtool to verify rules, fix format
2024-11-12 23:21:30 +03:00
41be8dc170
fix: pin pyroscope to go 1.22
2024-11-12 23:16:46 +03:00
b08330c42b
fix: allow insecure netbox
2024-11-12 22:52:11 +03:00
268422f653
fix: update grapevine to build with current nixpkgs
2024-11-12 22:49:33 +03:00
4e03cf2309
increase zram on build-coord
2024-11-04 08:48:40 +01:00
00a5d373f3
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/e2f08f4d8b3ecb5cf5c9fd9cb2d53bb3c71807da' (2024-10-05)
→ 'github:NixOS/nixpkgs/7ffd9ae656aec493492b44d0ddfb28e79a1ea25d' (2024-11-02)
2024-11-04 08:46:51 +01:00
ec93c94e7e
revert default shell to bash
...
zsh is unbearably slow on some machines
2024-10-30 13:29:27 +01:00
f56576d644
fix: add util-linux in git-gc-preserve
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-28 12:07:54 +01:00
1ae3d7c396
chore: move to forkos branch for buildbot
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-28 12:07:06 +01:00
cca8156e52
Revert "chore: move to faster-depinfo branch for Buildbot"
...
This reverts commit 7df7eaeb9b
2024-10-27 22:01:34 +01:00
7df7eaeb9b
chore: move to faster-depinfo branch for Buildbot
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-27 19:39:18 +01:00
5ae71fff99
chore: add lorri to prevent direnv from blocking, closes #147
2024-10-27 09:42:11 +00:00
02f8bc7ca4
chore(o11y): filter by tenancy on node_exporter
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:37 +02:00
e0c029ba43
fix: make all buildbot postgres faster
...
work_mem was effectively absurdly low.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:24 +02:00
3ed36f74fd
onboarding: add pennae keys on lix infra
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:06 +02:00
b1f4674da0
chore: add tenancy in postgres
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:06 +02:00
226eacdeec
chore: add tenancy in node_exporter
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-22 16:57:06 +02:00
14935c5e92
fix: update grapevine config
2024-10-21 16:31:26 +03:00
bee402fecc
fix: ensure that pg_stat_statements is always created as an ext
...
Otherwise, we will have issues with this exporter.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-21 14:33:18 +02:00
3efdd0f6c9
fix: disable gitiles on gerrit01
...
It is generating too much traffic and CPU load for no good reason.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-20 11:24:58 +02:00
8c0c7b517f
feat: block automatically crawlers if the blocker is enabled
...
This help us getting rid of useless traffic by crawlers.
It is enabled for gerrit01 which is suffering the most from this.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-19 19:12:10 +02:00
d5500d7c4e
fix(buildbot): bring back the old Gerrit reporting
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-18 23:22:51 +00:00
eaf48a0cdd
fix(buildbot): use builder-9 as builder-10 is down
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-18 23:22:51 +00:00
e3129fec51
fix(buildbot): fix CORS properly
...
wildcards are not allowed in the headers.
We need to include credentials as well.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-18 23:22:51 +00:00
437293bdaa
fix(buildbot): remove CORS wildcards for their precise Gerrit hosts
...
wildcards are not supported in CORS headers, so this design was quite
wrong actually.
We can just use the actual Gerrit hostname for now.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-18 23:22:51 +00:00
df8a57f91a
users: add ckie
2024-10-18 14:43:25 +03:00
97bee26977
new ssh key for yureka
2024-10-10 13:42:29 +00:00
84cfbdb050
feat: check formatting and validity of alerts
...
Fixes #94 .
2024-10-07 20:00:54 +00:00
6a8f49f180
feat(gerrit): add some basic theming
...
This is based on some of the preliminary colour work done by @ckie in
the the-distro/floral.systems repo.
2024-10-07 19:27:13 +00:00
06dd4d6e85
update hydra
2024-10-07 19:25:51 +02:00
de085155a6
fix: update paths to floral secrets to secrets/floral/
2024-10-07 15:48:05 +00:00
2001012325
feat(uptime-kuma): status.forkos.org should point at the ForkOS page
2024-10-07 15:47:33 +00:00
fbf26302b6
hotfix(lix): use build01 features for build02 remote builder
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-07 15:26:27 +02:00
